3Com WX2200 3CRWX220095A Switch User Manual

Configuring Web Portal WebAAA 467
Configuring Web
Portal WebAAA
To configure Web Portal WebAAA:
1 Configure an SSID or wired authentication port and set the fallthru
authentication type to web-portal. The default for SSIDs and for wired
authentication ports is none.
2 Configure individual WebAAA users. Because the VLAN is assigned based
on the service profile (where it is set by the attr vlan-name vlan-id
option) or web-portal-wired user (where it is set to default), MSS
ignores the VLAN-Name and Tunnel-Private-Group-ID attributes.
However, MSS does assign other attributes if set.
3 Configure web authentication rules for the WebAAA users.
4 Save the configuration changes.
Web Portal WebAAA Configuration Example
This example configures Web-Portal access to SSID mycorp.
1 Configure the user VLAN on ports 2 and 3, and configure an IP interface
on the VLAN:
WX1200# set vlan mycorp-vlan port 2-3
success: change accepted.
WX1200# set interface mycorp-vlan ip
success: change accepted.
The VLAN does not need to be configured on the switch where you
configure Web Portal but the VLAN does need to be configured on a
switch somewhere in the Mobility Domain. The user’s traffic will be
tunneled to the switch where the VLAN is configured.
2 Configure the service profile for SSID mycorp. Configuration includes the
Set the SSID name.
Change the fallthru authentication type to web-portal.
Set the default VLAN to mycorp-vlan (created in step 1.) MSS will
place Web-Portal users into this VLAN.
Enable RSN (WPA2) data encryption with CCMP. (This example
assumes clients support this encryption type.) TKIP is enabled by
default and is left enabled in this example.
WX1200# set service-profile mycorp-srvcprof ssid-name mycorp
success: change accepted.